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AMENDMENT TO THE CLAIMS 



1 1 . (Currently Amended) A method of evaluating fraud risk of an electronic commerce 

2 transaction, the method comprising the computer-implemented steps of: 

3 an apparatus receiving transaction information data that defines the electronic commerce 

4 transaction; 

5 the apparatus determining a first fraud risk score value associated with the electronic 

6 com merce transaction based on applying a plurality of tests to the transaction 

7 information data , wherein each of the plurality of tests determines whether the 

8 transaction information data appears to represent a genuine transaction based on 

9 specified criteria; 

10 the apparatus determining a second fraud risk score value associated with the electronic 

1 1 commerce transaction based on a comparison of the transaction information data 

12 to historical transaction information data ; 

1 3 the apparatus combining the first fraud risk score value and the second fraud risk score 

14 value using a statistical model to result in creating a model score value; 

1 5 the apparatus blending the model score value with one or more merchant-specific 

16 threshold values to result in creating and storing a final fraud risk score value for 

1 7 the electronic commerce transaction. 

1 2. (Currently Amended) A method as recited in Claim 1 , wherein receiving transaction 

2 information data comprises the steps of the apparatus receiving transaction information 

3 data that defines the electronic commerce transaction for a particular Internet identity, and 

4 wherein determining a second fraud risk score value comprises the steps of the apparatus 

5 determining a second fraud risk score value associated with the electronic commerce 

6 transaction based on a comparison of the transaction information data to historical 

7 transaction information data for other electronic commerce transactions pertaining to the 

8 same Internet identity. 
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1 3. (Currently Amended) A method as recited in Claim 2, wherein an -the particular Internet 

2 identity comprises a first hash value of an email address of a prospective purchaser 

3 carried in combination with a second hash value of a card bank identification number of 

4 the prospective purchaser. 

1 4. (Currently Amended) A method as recited in Claim 2, wherein aft- the particular Internet 

2 identity comprises a first hash value of an email address of a prospective purchaser 

3 carried in combination with a second hash value of a card bank identification number of 

4 the prospective purchaser and with a third hash value based on a shipping address of the 

5 prospective purchaser. 

1 5. (Currently Amended) A method as recited in Claim 2, wherein an- the particular Internet 

2 identity comprises a first hash value of an prospective purchaser's host IP address, in 

3 combination with a second hash value of an email address of a prospective purchaser 

4 carried, in combination with a third hash value of a card bank identification number of the 

5 prospective purchaser and a fourth hash value based on a shipping address of the 

6 prospective purchaser. 

7 6. (Currently Amended) A method as recited in Claim 2, wherein afl -the particular Internet 

8 identity comprises a first hash value of a prospective purchaser's hardware device ID 

9 value, in combination with a second hash value of either the email address or user ID of 

10 the prospective purchaser, in combination with a third hash value of a card bank 

1 1 identification number of the prospective purchaser and with a fourth hash value based on 

12 a shipping address of the prospective purchaser. 

1 7. (Currently Amended) A method as recited in Claim 1, wherein the step of determining 

2 the second fraud risk score value comprises the steps of: 

3 the apparatus retrieving one or more records of historic transaction information data 

4 pertaining to past transactions associated with the transaction information data ; 



3 



LEWIS, Ser. No. 09/708,124, GAU 3624, Examiner Sandra S. Snapp 

REPLY TO OFFICE ACTION 

5 when one of the records of historic transaction informati on- data is found to contain a 

6 fraud list tag, discontinuing further retrieval of such records; 

7 the apparatus determining a-the second fraud risk score value associated with the 

8 electronic commerce transaction based on only the retrieved records of historical 

9 transaction information data in comparison to the transaction information data . 



1 8. (Currently Amended) A method as recited in Claim 1 , wherein the step of determining 

2 the second fraud risk score value comprises the steps of; 

3 the apparatus retrieving one or more records of historic transaction information data 

4 pertaining to past electronic commerce transactions associated with the transaction 

5 information data ; 

6 when a specified larg e plurality amount of the records of historic transaction information 

7 data is retrieved and further records of historic transaction information data 

8 remain to be retrieved, discontinuing further retrieval of such records; 

9 the apparatus determining athe second fraud risk score value associated with the 

10 electronic commerce transaction based on only the retrieved records of historical 

1 1 transaction information data in comparison to the transaction information data . 



1 9. (Currently Amended) The method as recited in Claim 1, wherein the step of blending the 

2 model score value comprises the steps of the apparatus b lending the model score value 

3 with one or more merchant-specific threshold values to result in creating and storing a 

4 final fraud risk score value for the electronic commerce transaction and one or more 

5 return code values that signal specified risk issues that have been detected with respect to 

6 the transaction. 

1 10. (Currently Amended) The method as recited in Claim 1, wherein determining the first 

2 fraud risk score value comprises the steps of the apparatus determining a first fraud risk 

3 score value associated with the electronic commerce transaction based on applying a 

4 plurality of tests to the transaction informatio n data , wherein one of the plurality of tests 

5 determines whether an Internet identity in the transaction information data is found in a 

6 list of parties to known past fraudulent transactions. 
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1 11. (Currently Amended) The method as recited in Claim 1 , wherein determining the first 

2 fraud risk score value comprises the steps of the apparatus determining a first fraud risk 

3 score value associated with the electronic commerce transaction based on applying a 

4 plurality of tests to the transaction informatio n data , wherein one of the plurality of tests 

5 determines whether an Internet identity in the transaction information data is found in a 

6 list of trusted parties. 

1 12. (Currently Amended) A method as recited in Claim 1, wherein determining the first 

2 fraud risk score value comprises the steps of the apparatus determining a first fraud risk 

3 score value associated with the electronic commerce transaction based on applying a 

4 plurality of tests to the transaction informatio n data , wherein one of the plurality of tests 

5 automatically d e t e rmin e s wh e th e r a t e xt valu e in th e transaction information is 

6 unint e lligibl e or m e aningl e ss, by comprises the steps of: 

7 the apparatus receiving the text value; 

8 for each bi-gram in the text value, the apparatus r etrieving from a table of bi-gram 

9 probability values a probability value that represents a probability that the bi-gram 

10 is found in a genuine text value; 

1 1 the apparatus g enerating a penalty value when the retrieved probability values indicate 

12 that the text value comprises a combination of bi-grams that are not likely to 

13 represent a genuine text value. 

1 13. (Currently Amended) A method as recited in Claim 1, wherein determining the first 

2 fraud risk score value comprises the steps of the apparatus determining a first fraud risk 

3 score value associated with the electronic commerce transaction based on applying a 

4 plurality of tests to the transaction information data , wh e r e in on e of th e plurality of t e sts 

5 automatically d e t e rmin e s wheth e r a nam e valu e in th e transaction information is 

6 unintelligibl e or m e aningless, by the steps of: 

7 the apparatus receiving the name value; 
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8 for each bi-gram in the text value, the apparatus retrieving from a table of bi-gram 

9 probability values a probability value that represents a probability that the bi-gram 

10 is found in a genuine name value, wherein the table of bi-gram probability values 

11 is created based on an actual frequency of occurrences of bi-grams in a large 

1 2 sample of genuine names; 

13 the apparatus g enerating a penalty value when the retrieved probability values indicate 

14 that the text value comprises a combination of bi-grams that are not likely to 

1 5 represent a genuine name value. 

1 14. (Currently Amended) A method as recited in Claim 1, wherein determining the first 

2 fraud risk score value comprises the steps of the apparatus determining a first fraud risk 

3 score value associated with the electronic commerce transaction based on applying a 

4 plurality of tests to the transactio n informatio n data , wherein one of the plurality of tests 

5 automatically determines whether a city value in the transaction information data is 

6 within an area code value of the transaction information data , by the steps of: 

7 the apparatus receiving the city value and the area code value as part of the t ransaction 

8 information data ; 

9 the apparatus determining a latitude value and a longitude value that represent a &ue 

1 0 position of a city identified in the city value; 

1 1 the apparatus determining a range of latitude values and a range of longitude values 

12 associated with an area code identified in the area code value; 

1 3 based on the latitude value^s-and the_longitude values the range of latitude values, and the 

14 range of longitude values , the apparatus determining whether the city identified in 

1 5 the city value is g e nuin e ly within the area code identified in the area code value; 

16 the apparatus applying a penalty to the electronic commerce transaction when the city 

1 7 identified in the city value is not within the area code identified in the area code 

1 8 value. 
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1 15. (Currently Amended) A method as recited in Claim 1 , wherein determining the first fraud 

2 risk score value comprises the steps of determining a first fraud risk score value 

3 associated with the electronic commerce transaction based on applying a plurality of tests 

4 to the transaction information data , wherein one of the plurality of tests automatically 

5 determines whether a city value in the transaction information data is within an email 

6 domain of the transaction information data , by the steps of: 

7 the apparatus receiving the city value and an email address value as part of transaction 

8 information data ; 

9 the apparatus determining a latitude value and a longitude value that represent a tfue 

10 position of a city identified in the city value; 

1 1 the apparatus determining a range of latitude values and a range of longitude values 

12 associated with an email domain portion of the email address value; 

1 3 based on the latitude value i s-and longitude valuer the range of latitude values, and the 

14 range of longitude values , the apparatus determining whether the city identified in 

15 the city value is g e nuin e ly within the email domain indicated in the email address 

16 value; 

1 7 the apparatus applying a penalty to the electronic commerce transaction when the city 

1 8 identified in the city value is not within the area code identified in the area code 

19 value. 

1 16. (Currently Amended) A method as recited in Claim 13, further comprising the steps of 

2 the apparatus creating and storing an email domain location table comprising a plurality 

3 of records that associate email domain values with city values associated with shipping 

4 addresses of past non-fraudulent transactions. 

1 17. (Currently Amended) The method as recited in Claim 14, wherein determining whether 

2 the city identified in the city value is g e nuin e ly within the email domain comprises the 

3 steps of the apparatus determining whether the city value is for a city that is outside the 

4 email domain as indicated by the records in the email domain location table. 
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1 18. (Currently Amended) A method as recited in Claim 1 , wherein determining the first 

2 fraud risk score value comprises the steps of the apparatus determining a first fraud risk 

3 score value associated with the electronic commerce transaction based on applying a 

4 plurality of tests to the transaction information data , wherein one of the plurality of tests 

5 automatically determines whether a country value in the transaction informatio n -data is 

6 proximate to a bank referenced in a bank identification number of a credit card number in 

7 the transaction information data , by the steps of: 

8 the apparatus receiving the country value and a bank identification number of a credit 

9 card number as part of the transaction information data ; 

10 the apparatus determining a relative distance between a country identified in the country 

1 1 value and a bank associated with the bank identification number; 

12 based on the relative distance between the country and the bank, the apparatus 

1 3 determining whether the country is toe-jay greater than a specified relative distance 

14 from the bank; 

1 5 the apparatus applying a penalty to the electronic commerce transaction when the country 

16 is tee-ja rgreater than the specified relative distance from the bank. 

1 19. (Currently Amended) A method as recited in Claim 1 8, further comprising the steps of 

2 the apparatus creating and storing a bank location table comprising a plurality of records, 

3 wherein each record associates a bank identification number with a country value 

4 representing a country in which a headquarters of the bank is located. 

1 20. (Currently Amended) A method as recited in Claim 19, further comprising the steps of 

2 the apparatus creating and storing a bank location table comprising a plurality of records 

3 that associate bank identification numbers with country values associated with shipping 

4 addresses of past non- fraudulent transactions. 
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1 21. (Currently Amended) The method as recited in Claim 20, wherein determining whether 

2 the country identified in the country value is toe-fe greater than the specified relative 

3 di stance from the bank comprises the steps of the apparatus determining whether the 

4 country value is for a country that is toe-jar greater than the specified relative distance 

5 from the bank as indicated by the records in the bank domain location table. 

1 22. (Currently Amended) A method of determining evaluating fraud risk of an electronic 

2 commerce transaction, the method comprising the computer-implemented steps of: 

3 an apparatus receiving transaction information data that defines the electronic commerce 

4 transaction; 

5 the apparatus determining a first fraud risk score value associated with the electronic 

6 commerce transaction based on applying a plurality of tests to the transaction 

7 informatio n data , wherein one of the plurality of tests automatically determines 

8 wh e th e r a name value in th e transaction information is unint e lligibl e or 

9 meaningless, bv includes at least : 

1 0 the apparatus receiving the name value; 

1 1 for each bi-gram in the text value, the apparatus retrieving from a table of bi-gram 

12 probability values a probability value that represents a probability that the 

13 bi-gram is found in a genuine name value, wherein the table of bi-gram 

14 probability values is created based on an actual frequency of occurrences 

1 5 of bi-grams in a large sample of genuine names; 

16 the apparatus generating a penalty value when the retrieved probability values 

17 indicate that the text value comprises a combination of bi-grams that are 

1 8 not likely to represent a genuine name value. 

1 23. (Currently Amended) A method of determining for an electronic commerce transaction 

2 whether a text value is gibberish, comprising the steps of: 

3 receiving the text value as part of transaction information data of the electronic commerce 

4 transaction; 

5 identifying a succession of letter pairs in the received text value; 
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6 for each identified letter pair, retrieving from a table of probability values a probability 

7 value that represents a probability that the identified letter pair is found in a 

8 genuine text value in a position equivalent to a position of each identified letter 

9 pair within the received text value; 

10 generating a fraud risk penalty value for the electronic commerce transaction when the 

1 1 retrieved probability values indicate that the received text value is not likely to 

12 represent a genuine text value. 

1 24. (Currently Amended) A computer-readable medium carrying one or more sequences of 

2 instructions for evaluating fraud risk of an electronic commerce transaction, which 

3 instructions, when executed by one or more processors, cause the one or more processors 

4 to carry out the steps of: 

5 receiving transaction information that defines the electronic commerce transaction; 

6 determining a first fraud risk score value associated with the electronic commerce 

7 transaction based on applying a plurality of tests to the transaction information 

8 data, wherein each of the plurality of tests determines whether the transaction 

9 information data appears to represent a genuine transaction based on specified 

10 criteria; 

1 1 determining a second fraud risk score value associated with the electronic transaction 

12 based on a comparison of the transaction information to historical transaction 

13 information; 

14 combining the first fraud risk score value and the second fraud risk score value using a 

15 statistical model to result in creating a model score value; 

16 blending the model score value with one or more merchant-specific threshold values to 

17 result in creating and storing a final fraud risk score value for the electronic 

18 commerce transaction. 

1 25. (Currently Amended) An apparatus for evaluating fraud risk of an electronic commerce 

2 transaction, the apparatus comprising: 

3 means for receiving transaction information data that defines the electronic commerce 

4 transaction; 
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5 means for determining a first fraud risk score value associated with the electronic 

6 commerce transaction based on applying a plurality of tests to the transaction 

7 informatio n data , wherein each of the plurality of tests determines whether the 

8 transaction information data appears to represent a genuine transaction based on 

9 specified criteria; 

10 means for determining a second fraud risk score value associated with the e l e ctronic 

1 1 transaction electronic commerce transaction based on a comparison of the 

12 transaction information transaction data to historical transaction 

13 information transaction data ; 

14 means for combining the first fraud risk score value and the second fraud risk score value 

1 5 using a statistical model to result in creating a model score value; 

16 means for blending the model score value with one or more merchant-specific threshold 

17 values to result in creating and storing a final fraud risk score value for the 

1 8 electronic commerce transaction. 

1 26. (Currently Amended) An apparatus for evaluating fraud risk of an electronic commerce 

2 transaction, comprising: 

3 a processor; 

4 a computer readable medium having one or more stefed-sequences of instructions stored 

5 thereon which, when executed by the processor, cause the processor to carry out 

6 the steps of: 

7 receiving transaction information data that defines the electronic commerce 

8 transaction; 

9 determining a first fraud risk score value associated with the electronic commerce 

10 transaction based on applying a plurality of tests to the transaction 

1 1 information data , wherein each of the plurality of tests determines whether 

12 the transaction information data appears to represent a genuine transaction 

1 3 based on specified criteria; 

14 determining a second fraud risk score value associated with the electronic 

15 commerce transaction based on a comparison of the transaction 

1 6 information data to historical transaction information data ; 
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17 combining the first fraud risk score value and the second fraud risk score value 

18 using a statistical model to result in creating a model score value; 

19 blending the model score value with one or more merchant-specific threshold 

20 values to result in creating and storing a final fraud risk score value for the 

2 1 electronic commerce transaction. 

1 27. (New) A method of evaluating fraud risk of an electronic commerce transaction, the 

2 method comprising the computer-implemented steps of: 

3 an apparatus receiving transaction data that defines the electronic commerce transaction; 

4 the apparatus determining a first fraud risk score value associated with the electronic 

5 commerce transaction based on applying a plurality of tests to the transaction data; 

6 the apparatus determining a second fraud risk score value associated with the electronic 

7 commerce transaction based on a comparison of the transaction data to historical 

8 transaction data; 

9 the apparatus combining the first fraud risk score value and the second fraud risk score 

10 value using a statistical model to result in creating a model score value; 

1 1 the apparatus blending the model score value with one or more merchant-specific 

12 threshold values to result in creating and storing a final fraud risk score value for 

13 the electronic commerce transaction. 



1 28. (New) A method as recited in claim 1, wherein: 

2 the apparatus comprises a first apparatus and a second apparatus linked by a network; 

3 the apparatus receiving the transaction data is performed by the first apparatus; and 

4 the apparatus blending the model score value is performed by the second apparatus. 

1 29. (New) A method of evaluating fraud risk of an electronic commerce transaction, the 

2 method comprising the computer-implemented steps of: 

3 an apparatus receiving transaction data that defines the electronic commerce transaction; 
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4 the apparatus determining a first fraud risk score value associated with the electronic 

5 commerce transaction based on applying a plurality of tests to the transaction data, 

6 wherein each of the plurality of tests determines whether the transaction meets 

7 specified criteria; 

8 the apparatus determining a second fraud risk score value associated with the electronic 

9 commerce transaction based on a comparison of the transaction data to historical 

10 transaction data; 

1 1 the apparatus combining the first fraud risk score value and the second fraud risk score 

12 value using a statistical model to result in creating a model score value; 

13 the apparatus blending the model score value with one or more merchant-specific 

14 threshold values to result in creating and storing a final fraud risk score value for 

1 5 the electronic commerce transaction. 

1 30. (New) A computer-readable medium carrying one or more sequences of instructions for 

2 evaluating fraud risk of an electronic commerce transaction, when executed by one or 

3 more processors, the computer readable medium comprising: 

4 memory carrying one or more instructions that cause the one or more processors to carry 

5 out the step of receiving transaction information that defines the electronic 

6 commerce transaction; 

7 memory carrying one or more instructions that cause the one or more processors to carry 

8 out the step of determining a first fraud risk score value associated with the 

9 electronic commerce transaction based on applying a plurality of tests to the 

10 transaction information, wherein each of the plurality of tests determines whether 

1 1 the transaction information appears to represent a genuine transaction based on 

12 specified criteria; 

13 memory carrying instructions one or more instructions that cause the one or more 

14 processors to carry out the step of determining a second fraud risk score value 

15 associated with the electronic transaction based on a comparison of the transaction 

16 information to historical transaction information; 
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1 7 memory carrying instructions one or more instructions that cause the one or more 

18 processors to carry out the step of combining the first fraud risk score value and 

19 the second fraud risk score value using a statistical model to result in creating a 

20 model score value; and 

21 memory carrying instructions one or more instructions that cause the one or more 

22 processors to carry out the step of blending the model score value with one or 

23 more merchant-specific threshold values to result in creating and storing a final 

24 fraud risk score value for the electronic commerce transaction. 
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